summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorcelest <celest@54d463be-8e91-2dee-dedb-b68131a5f0ec>2005-02-23 07:42:30 +0000
committercelest <celest@54d463be-8e91-2dee-dedb-b68131a5f0ec>2005-02-23 07:42:30 +0000
commit5a05bc1a5b02a9829f9e23578350f8639edf32b4 (patch)
tree395ad5faccdc95605364714e65254e10152f1ed6
parentb95c5fc80f2956d2c9534be00ab8737b921c93a5 (diff)
downloadhercules-5a05bc1a5b02a9829f9e23578350f8639edf32b4.tar.gz
hercules-5a05bc1a5b02a9829f9e23578350f8639edf32b4.tar.bz2
hercules-5a05bc1a5b02a9829f9e23578350f8639edf32b4.tar.xz
hercules-5a05bc1a5b02a9829f9e23578350f8639edf32b4.zip
* Fixed char server crash when sending wisp with a "'" in the names
git-svn-id: https://rathena.svn.sourceforge.net/svnroot/rathena/branches/stable@1167 54d463be-8e91-2dee-dedb-b68131a5f0ec
-rw-r--r--Changelog-SVN.txt1
-rw-r--r--src/char_sql/inter.c4
2 files changed, 4 insertions, 1 deletions
diff --git a/Changelog-SVN.txt b/Changelog-SVN.txt
index 3b8877b06..4e57d8d4b 100644
--- a/Changelog-SVN.txt
+++ b/Changelog-SVN.txt
@@ -1,6 +1,7 @@
Date Added
02/23
+ * Fixed char server crash when sending wisp with a "'" in the names [celest]
* Fixed Backstab not checking for and consuming arrows [celest]
* Fixed another bad typo causing @allskill to not add points into advanced job
skills [celest]
diff --git a/src/char_sql/inter.c b/src/char_sql/inter.c
index 0f956118c..a8e0d4f44 100644
--- a/src/char_sql/inter.c
+++ b/src/char_sql/inter.c
@@ -423,6 +423,7 @@ int mapif_parse_GMmessage(int fd)
int mapif_parse_WisRequest(int fd) {
struct WisData* wd;
static int wisid = 0;
+ char t_name[32];
if (RFIFOW(fd,2)-52 >= sizeof(wd->msg)) {
printf("inter: Wis message size too long.\n");
@@ -431,7 +432,8 @@ int mapif_parse_WisRequest(int fd) {
printf("inter: Wis message doesn't exist.\n");
return 0;
}
- sprintf (tmp_sql, "SELECT `name` FROM `%s` WHERE `name`='%s'",char_db, RFIFOP(fd,28));
+ sprintf (tmp_sql, "SELECT `name` FROM `%s` WHERE `name`='%s'",
+ char_db, jstrescapecpy(t_name, (char *)RFIFOP(fd,28)));
if(mysql_query(&mysql_handle, tmp_sql) ) {
printf("DB server Error - %s\n", mysql_error(&mysql_handle) );
}